urelas | f9a8d2f3e0beeccacef08638ea9fecf5_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9a8d2f3e0beeccacef08638ea9fecf5_JC.exe
Size

174KB
MD5

f9a8d2f3e0beeccacef08638ea9fecf5
SHA1

8e27acd761d870967050ae943a0edd8c82456421
SHA256

38fa9df86caac4a5dbd9ab238e904ea768d4a32d277fb1ad3f53cc4750f278c9
SHA512

739c90b0428feb5c05f4e3d92ac7eba4d77e96061a8efa4678d1e028a40c878e0cda8457c01e09731c7afe17c4e3e87b57a267f07dc23d8ee1824204741d4615
SSDEEP

1536:HIN9E8RW2ZgACLU2/NpWb3owdFLVa7h5s3ePOHd265dCKsp04mDmr2U1mYI:HIc8RWrNcvXLM7u265wppSnMM

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9a8d2f3e0beeccacef08638ea9fecf5_JC.exe

Files

f9a8d2f3e0beeccacef08638ea9fecf5_JC.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bijdhfdg
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE